[rekonq] Review Request: Enable dropping dragged text into a text field on web page

Pierre Rossi pierre.rossi at gmail.com
Wed Aug 3 12:58:54 UTC 2011 


> On Aug. 3, 2011, 11:54 a.m., Pierre Rossi wrote:
> > src/webview.cpp, line 484
> > <http://git.reviewboard.kde.org/r/102192/diff/1/?file=30658#file30658line484>
> >
> >     You probably want to make sure that you're not modifying elements not editable for the user. See:
> >     
> >     http://doc.qt.nokia.com/latest/qwebhittestresult.html#isContentEditable
> >     
> >     Also, if you're gonna use QWebElement, then you probably could just use setInnerXml or appendInside that sounds more robust and secure than evaluating JavaScript that could contain potentially anything (even evil stuff).
> 
> Furkan Üzümcü wrote:
>     I already check it. (else if (isEditable) part.)
>     Also, I couldn't get setInnerXml or appendInside work. That's why chose evaluating JavaScript. :)

oh right, isEditable does just that. So wait, this is just for dragging text within the same view, then ? 
Please add a little comment next to the else if statement like the ones above, the number of branches in this if statement is getting big.


I still see the JS as a potential security issue there though.


- Pierre


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/102192/#review5342
-----------------------------------------------------------


On Aug. 3, 2011, 10:39 a.m., Furkan Üzümcü wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/102192/
> -----------------------------------------------------------
> 
> (Updated Aug. 3, 2011, 10:39 a.m.)
> 
> 
> Review request for rekonq.
> 
> 
> Summary
> -------
> 
> You couldn't drop text into a text field on a web page. Now you can.
> 
> 
> Diffs
> -----
> 
>   src/webview.cpp f31d234 
> 
> Diff: http://git.reviewboard.kde.org/r/102192/diff
> 
> 
> Testing
> -------
> 
> Compiles and works.
> 
> 
> Thanks,
> 
> Furkan
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/rekonq/attachments/20110803/9cc9897e/attachment.html>

More information about the rekonq mailing list